在请求 https 时,会遇到证书有一些问题的情况,所以在发送请求的时候需要忽略证书验证。
(使用的主要jar包括httpclient-4.5.1.jar和httpcore-4.4.3.jar)
/**
* 控制设备
* @return
*/
public String controlDevice() {
final String queryDevicesUrl="https://xxx.com:10000/dnaproxy/v1/device/control";
CloseableHttpClient client = HttpClients.createDefault();
client = (CloseableHttpClient)wrapClient(client);
HttpPost post = new HttpPost(queryDevicesUrl);
Long timestamp=System.currentTimeMillis();
Map params=new HashMap();
params.put("license", LICENSE);
params.put("did", "00000000000000000000b4430ddbcd0e");
params.put("pid", "000000000000000000000000384f0000");
params.put("tpid", "20280");
params.put("subdevdid", "");
params.put("subdevpid", "");
params.put("act", "set");
params.put("srv", "");
List list=new ArrayList();
list.add("pwr");
params.put("params", list);
List< List< Map< String,Integer>>> l1=new ArrayList< List< Map< String,Integer>>>();
List< Map< String,Integer>> l2=new ArrayList< Map< String,Integer>>();
Map map=new HashMap();
map.put("idx", 1);
map.put("val", 0);
l2.add(map);
l1.add(l2);
params.put("vals", l1);
String postData=new Gson().toJson(params);
// post.setHeader("Content-Type", "application/json");
post.addHeader("timestamp", timestamp.toString());
post.addHeader("signature", DigestUtils.shaHex(postData+timestamp+LICENSE));
post.addHeader("userid", USERID);
post.addHeader("accesskey", ACCESSKEY);
String result = "";
try {
StringEntity s = new StringEntity(postData);
// s.setContentEncoding(new BasicHeader(HTTP.CONTENT_TYPE,"application/json"));
post.setEntity(s);
// 发送请求
CloseableHttpResponse httpResponse = client.execute(post);
if (httpResponse.getStatusLine().getStatusCode() == HttpStatus.SC_OK) {
System.out.println("请求服务器成功");
result=EntityUtils.toString(httpResponse.getEntity(),"utf-8");
httpResponse.close();
System.out.println("结果:\n"+result);
} else {
System.out.println("请求服务端失败");
httpResponse.close();
}
} catch (Exception e) {
System.out.println("请求异常");
e.printStackTrace();
}
return result;
}
/**
* 避免HttpClient的”SSLPeerUnverifiedException: peer not authenticated”异常
* 不用导入SSL证书
* @param base
* @return
*/
public static HttpClient wrapClient(HttpClient base) {
try {
SSLContext ctx = SSLContext.getInstance("TLS");
X509TrustManager tm = new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] arg0,
String arg1) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] arg0,
String arg1) throws CertificateException {
}
};
ctx.init(null, new TrustManager[] { tm }, null);
SSLConnectionSocketFactory ssf = new SSLConnectionSocketFactory(ctx,NoopHostnameVerifier.INSTANCE);
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(ssf).build();
return httpclient;
} catch (Exception ex) {
ex.printStackTrace();
return HttpClients.createDefault();
}
}
说明:其中wrapClient方法就是创建一个不进行正式验证的请求客户端对象。
参考文档:
1.http://www.th7.cn/Program/Java/201402/173791.shtml Https请求基本过程介绍;
2.http://blog.csdn.NET/kobejayandy/article/details/44284765 老版本Https请求的常见实现;
3.http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/impl/client/CloseableHttpClient.html Https请求使用类的最新官方API说明。